Skip to content

Comments

Robot Upgrade: falco chart upgrade from 2.0.17 to 8.0.0#3885

Open
weizhoublue wants to merge 1 commit intomainfrom
upgrade/falco/8.0.0
Open

Robot Upgrade: falco chart upgrade from 2.0.17 to 8.0.0#3885
weizhoublue wants to merge 1 commit intomainfrom
upgrade/falco/8.0.0

Conversation

@weizhoublue
Copy link
Member

I am robot, upgrade: project falco chart upgrade from 2.0.17 to 8.0.0

@gemini-code-assist
Copy link

Summary of Changes

Hello @weizhoublue, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request delivers a substantial upgrade to the Falco Helm chart, advancing it to version 8.0.0. This update incorporates the latest Falco application version, introduces new subcharts for enhanced Kubernetes metadata collection and response automation, and refines existing integrations. The changes streamline Falco's deployment and management within Kubernetes, focusing on improved security, performance, and adaptability through updated driver mechanisms and plugin support.

Highlights

  • Falco Chart Major Upgrade: The main Falco Helm chart has been significantly upgraded from version 2.0.17 to 8.0.0, aligning with the latest Falco application version 0.43.0.
  • New Subchart Dependencies Introduced: Two new subcharts, 'k8s-metacollector' (v0.1.10) and 'falco-talon' (v0.3.0), have been added as dependencies, expanding the ecosystem integration capabilities.
  • Updated Falcosidekick Integration: The 'falcosidekick' subchart dependency has been updated to version 0.12.1, bringing numerous new outputs, TLS settings, and Redis configuration options.
  • Comprehensive Breaking Changes Documentation: A new 'BREAKING-CHANGES.md' file has been added, detailing significant changes and deprecations across multiple versions (3.0.0 to 8.0.0), including gRPC output/server, legacy eBPF/gVisor engines, and old container metadata collectors.
  • Extensive Documentation and Configuration Updates: The main 'README.gotmpl' has been rewritten to provide detailed guidance on Falco event sources, various drivers (Modern eBPF, Kernel module, Legacy eBPF, gVisor), plugin integration via 'falcoctl', deployment strategies, and custom rules. Numerous configuration files and templates have been updated to support these changes.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request upgrades the Falco Helm chart from version 2.0.17 to 8.0.0. This is a major upgrade that includes significant changes, such as the introduction of falcoctl for artifact management, the addition of new subcharts like falco-talon and k8s-metacollector, and updates to dependencies and configurations. The changes align with the provided BREAKING-CHANGES.md and CHANGELOG.md. My review focuses on documentation formatting and consistency. I've found a few minor issues in markdown files and templates that could improve readability and correctness.


If you still want to use the old values, because you do not want to take advantage of the new and shiny **falcoctl** tool then just run:

```bash=

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The language specifier for this code block is bash=, which is likely a typo and should be bash for correct syntax highlighting. This typo also appears on lines 143, 153, 165, 257, and 266.

Suggested change
```bash=
```bash

4. Falco with plugins and you want to use **falcoctl** to download the plugins' _rulesfiles_:
- Save **falcoctl** configuration to file:

```yaml=

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The language specifier for this code block is yaml=, which is likely a typo and should be yaml for correct syntax highlighting.

Suggested change
```yaml=
```yaml


## 0.1.0 - 2024-09-05

- First release No newline at end of file

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

It is a common convention for text files to end with a newline character. This helps prevent issues with file concatenation and some diffing tools.

Suggested change
- First release
- First release


## Author

Thomas Labarussias (https://github.com/Issif) No newline at end of file

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

It is a common convention for text files to end with a newline character.

Thomas Labarussias (https://github.com/Issif)


## Author

Thomas Labarussias (https://github.com/Issif) No newline at end of file

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

It is a common convention for text files to end with a newline character.

Suggested change
Thomas Labarussias (https://github.com/Issif)
Thomas Labarussias (https://github.com/Issif)

volumes:
- configMap
- secret
{{- end }} No newline at end of file

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

It is a common convention for text files to end with a newline character.

{{- end }}

{{- else }}
name: {{ .Values.rbac.serviceAccount.name }}
{{- end }}
namespace: {{ .Release.Namespace }} No newline at end of file

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

It is a common convention for text files to end with a newline character.

  namespace: {{ .Release.Namespace }}

protocol: TCP
name: http
selector:
{{- include "falco-talon.selectorLabels" . | nindent 4 }} No newline at end of file

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

It is a common convention for text files to end with a newline character.

    {{- include "falco-talon.selectorLabels" . | nindent 4 }}

matchLabels:
{{- include "falcosidekick.labels" . | nindent 6 }}
app.kubernetes.io/component: core
{{- end }} No newline at end of file

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

It is a common convention for text files to end with a newline character.

{{- end }}

Full list of outputs: https://github.com/falcosecurity/charts/tree/master/charts/falcosidekick.
You can enable its deployment with `--set falcosidekick.enabled=true` or in your values.yaml.
See: https://github.com/falcosecurity/charts/blob/master/charts/falcosidekick/values.yaml for configuration values.
{{- end}} No newline at end of file

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

It is a common convention for text files to end with a newline character.

See: https://github.com/falcosecurity/charts/blob/master/charts/falcosidekick/values.yaml for configuration values.

@github-actions github-actions bot force-pushed the upgrade/falco/8.0.0 branch 6 times, most recently from c0ea2f5 to 2ab7a19 Compare February 4, 2026 20:11
@github-actions github-actions bot force-pushed the upgrade/falco/8.0.0 branch 7 times, most recently from ae831c1 to 113f160 Compare February 11, 2026 20:13
@github-actions github-actions bot force-pushed the upgrade/falco/8.0.0 branch 8 times, most recently from 8de96bc to a008ebe Compare February 19, 2026 20:11
Signed-off-by: robot <robot@example.com>
@github-actions github-actions bot force-pushed the upgrade/falco/8.0.0 branch from a008ebe to a3d179b Compare February 20, 2026 20:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant